top4top.io/
188.165.137.138301 Moved Permanently 162 B IP 188.165.137.138:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Oct 2022 11:31:04 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://top4top.io
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9690
Expires: Tue, 04 Oct 2022 14:12:34 GMT
Date: Tue, 04 Oct 2022 11:31:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GSeKsoye_zMI-7k3QtnsXsA5k22Gcto94TnregcbOHxMrOnHWL6vXw==
age: 21757
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 10:38:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CTvrNJFLN55BVLPyDVvuZO-Md7c8GB8NcKlneWP8pG_-khz5nseNeQ==
Age: 3167
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d90f5ad316518c7385ff6252b9cd4ef7
ccd4eb2e86de6e14d6f33ff4d7315a5825393b91
dbf60a972a73216b346d30de70868321478cfd3db68075d8de14c30ced9ae0b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBF60A972A73216B346D30DE70868321478CFD3DB68075D8DE14C30CED9AE0B1"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3457
Expires: Tue, 04 Oct 2022 12:28:41 GMT
Date: Tue, 04 Oct 2022 11:31:04 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
top4top.io/
188.165.137.170200 OK 22 kB IP 188.165.137.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1874), with CRLF, LF line terminators
Hash ae72f52a6b75f8953be638ca7ee56525
aac965718e68863a7b2e20989d26f83da3f4a117
8fcf8ddec695015c90080d60431c35c9d5a687fe84fba52fc3e8ca4c9c636e44
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:31:04 GMT
Server: HotCores
Set-Cookie: sid=yM2ZbCD0vlxaEspFuzzDcCQ-fj9; expires=Thu, 06-Oct-2022 11:31:04 GMT; path=/
Expires: 0
Cache-Control: private, no-cache="set-cookie"
Pragma: no-cache
I-AM: US03
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
s.top4top.io/styles/default-new-reg/images/loading.gif
104.21.5.137200 OK 32 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/images/loading.gif
IP 104.21.5.137:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash 39c14aa5c10635b45086d616c0016689
4edecafe1147bd5e4af1f70f520df02c5a359934
e7ea71a09f4ef6432bfac9f46c14133f6ffee7db66ef69efccfa97cbbedcebfb
GET /styles/default-new-reg/images/loading.gif HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: image/gif
content-length: 32533
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-7f15"
expires: Mon, 23 May 2022 14:41:01 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 455938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU6BhrXgpxUxInYkaQzI8e5Mw41TLBK5RWRwFRdQWwN8rvScE41g6v1Yst9coyqofs%2BcA4EzTV%2F8LMGsdkqsp9wWc10lUegBwrDTCM%2BpZQEfbYG%2B5LX4vT713CJKFUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d378dd1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/images/newlogo.png
104.21.5.137200 OK 19 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/images/newlogo.png
IP 104.21.5.137:0
File type PNG image data, 71 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash d68c79880117110f89d39cce5c43d39c
6e30dcd905314f77912b224e35ce089560553300
1605b05d92b623c44661321917bca32d530ae52b3158319ce922dacd4c6f257d
GET /styles/default-new-reg/images/newlogo.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: image/png
content-length: 19068
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-4a7c"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 494944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4XckmPw2pkpyVgbUvZnZhniHhw%2B5wzl1s6nRrUwYl9s0POVziZdBbZSm0kUXoOGLnwJXgy04lHsMSYZkF4nFa4qJhaSjI2zWI25ZOxf9sb9zRKHWtG9aEHGN%2BM7vKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d378dc1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/images/soft.png
104.21.5.137200 OK 41 kB URL HTTP/2 s.top4top.io/styles/default-new-reg/images/soft.png
IP 104.21.5.137:0
File type PNG image data, 213 x 255, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cf5d3f055149868fd89971433ed8ece
e877509e97d487b44bdd7203c7e3ca2795963afa
58b2b600aacfdda258a4b7ced90c85143e109480e78529c31358c412caab09d9
GET /styles/default-new-reg/images/soft.png HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: image/png
content-length: 41248
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: "57e8eb5d-a120"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 494944
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stMfKf8u3k92DmP0JTyRMR9%2BNceilHReCwSzSrBeDzlGVWFdWzORH7ZngbJh0LxndEve53RiRmGtQMs3R4582zMBvaNaJIPfY18TFbRtfFxK%2F8eBQaGqCiisFT%2BjZH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d378e61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109
188.165.137.170200 OK 337 B URL HTTP/1.1 top4top.io/ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109
IP 188.165.137.170:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash b7c8601f0b0ce65ced00ac7395e1f636
0f7857ded979895517bd0fd118590c2b81ff1fd9
02d7ca14e3dc1321f9703325493f8972cc6b84b047c3158014a5a7341eb7c867
GET /ads/adpull.php?n=1&w=300&h=250&call=js&t=banner&divid=7787112109 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: sid=yM2ZbCD0vlxaEspFuzzDcCQ-fj9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:31:04 GMT
Server: HotCores
I-AM: US03
Content-Length: 337
Content-Type: text/javascript;Charset=UTF-8
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
216.58.207.234200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 20:55:30 GMT
expires: Wed, 27 Sep 2023 20:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 570934
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top4top.io/adimg-61?1664883064
188.165.137.170302 Found 3 B URL HTTP/1.1 top4top.io/adimg-61?1664883064
IP 188.165.137.170:0
File type Unicode text, UTF-8 text, with no line terminators
Hash ecaa88f7fa0bf610a5a26cf545dcd3aa
57218c316b6921e2cd61027a2387edc31a2d9471
f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
Analyzer Verdict Alert fortinet Malware
GET /adimg-61?1664883064 HTTP/1.1
Host: top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Cookie: sid=yM2ZbCD0vlxaEspFuzzDcCQ-fj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Tue, 04 Oct 2022 11:31:05 GMT
Server: HotCores
Location: https://b.top4top.vip/p_427vfh7e1.png
I-AM: US01
Content-Length: 3
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VmDueNAkdxUfECWEzEf9VdLt7BnDfkIPDEy4ErAER7wqcoD43gz-6Q==
Age: 92
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9a38c9c49383bb96c52beb59f52b5d0
bbff1f58c32e15a1eb98609b2cb91dbc1104e99a
710dad0854f0eee4a6d94186efdaca820b5bd3d66da2806248a80226ef18fac2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "710DAD0854F0EEE4A6D94186EFDACA820B5BD3D66DA2806248A80226EF18FAC2"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Tue, 04 Oct 2022 14:17:01 GMT
Date: Tue, 04 Oct 2022 11:31:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Last-Modified: Tue, 04 Oct 2022 11:09:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.top4top.vip/p_427vfh7e1.png
51.158.152.62302 Found 58 B URL HTTP/2 b.top4top.vip/p_427vfh7e1.png
IP 51.158.152.62:0
File type ASCII text, with no line terminators
Hash 75a599238e93d6d74eaa9289ae299451
20fad6ad8242766be851bd5895d705960bc8f12d
0763c0bb9c23933f4ac4d88d28235f1f188c387b0ed11bad585fdfdc85b6f5c6
GET /p_427vfh7e1.png HTTP/1.1
Host: b.top4top.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://top4top.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 11:31:05 GMT
content-type: text/plain; charset=utf-8
content-length: 58
location: https://h.top4top.io/p_427vfh7e1.png
vary: Accept
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2910)
Hash cc3e05a7e2c6fcabdbef90f2ef553f5a
17a7e17431b833711ce0d5b2b2741fc3d4c4285d
0d1f8619f9003bd314bda59da1d85d91d945680a3945ba114f7b7f93ae8b0db0
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 04 Oct 2022 11:31:05 GMT
expires: Tue, 04 Oct 2022 11:31:05 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17487812149216419522
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54804
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 15 kB IP 142.250.74.3:0
Hash 8b6425b7779b5e0fa437b8029c290e68
a710247cbae9c9873b2b52ed1bda98169eada89f
bfe9c1feb363424de765afb229988db21d130a9749ffa32634fa7356425f9a5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 10:41:09 GMT
expires: Tue, 04 Oct 2022 12:41:09 GMT
cache-control: public, max-age=7200
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jx6s4fGBKgTYe99h1AbFJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q2eXupnDCtnhIzj4o6CjAD5un3Y=
h.top4top.io/p_427vfh7e1.png
51.159.67.135200 OK 43 kB URL HTTP/2 h.top4top.io/p_427vfh7e1.png
IP 51.159.67.135:0
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 5fcc5c91d409e0dc6e2fe02f74176ea8
26c7af3f1e997aa1871d98b3551a381cb0d4f90e
4f6528919bb0f9ba4d23d37761fd4fd18561cfdaac54afe7f852dc9612960d7a
GET /p_427vfh7e1.png HTTP/1.1
Host: h.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://top4top.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:31:05 GMT
content-type: image/png
content-length: 43269
set-cookie: klj_40d147_downloads=9nxiv; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 05 Oct 2022 11:07:45 GMT
last-modified: Fri, 03 Mar 2017 15:22:29 GMT
content-disposition: inline; filename="427vfh7e1.png"
etag: "58b98a35-a905"
expires: Tue, 04 Oct 2022 13:31:05 GMT
cache-control: max-age=7200
x-file-id: x16233079x
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ba09e28963a711c7b2ce6c91a3a3a3
7cc64a4bf1691002ed65627d8f5bccd7d742721e
e029fc044883da7fbfd828a7c98822fa3bc814ff7e75abf7a7bcbaa64cb395ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023
172.217.21.162200 OK 199 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash c38d681d733a0009766bb984dce8aaa6
b563618bca73d7d5cbfb6cc1465409f069689b55
ec021432ceecb825e63a872af701f83d2313e0ea1cbbcf3de1d270853c3e7c93
GET /gampad/cookie.js?domain=top4top.io&callback=_gfp_s_&client=ca-pub-7974902520762023 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Oct 2022 11:31:05 GMT
server: cafe
cache-control: private
content-length: 199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=top4top.io
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=top4top.io
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=top4top.io HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Oct 2022 11:31:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=top4top.io
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=top4top.io
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=top4top.io HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Oct 2022 11:31:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ba09e28963a711c7b2ce6c91a3a3a3
7cc64a4bf1691002ed65627d8f5bccd7d742721e
e029fc044883da7fbfd828a7c98822fa3bc814ff7e75abf7a7bcbaa64cb395ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f968b1f629e404e82ff3f3580560fd45
8cb3f06b18a86140f812bf76773b79f4093e4ec5
03ca1d4bc0b331a082a2e8a0886832ec158cb26f3e1bdc77c34747b49aa474eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f968b1f629e404e82ff3f3580560fd45
8cb3f06b18a86140f812bf76773b79f4093e4ec5
03ca1d4bc0b331a082a2e8a0886832ec158cb26f3e1bdc77c34747b49aa474eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f968b1f629e404e82ff3f3580560fd45
8cb3f06b18a86140f812bf76773b79f4093e4ec5
03ca1d4bc0b331a082a2e8a0886832ec158cb26f3e1bdc77c34747b49aa474eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash 133fde8c1ac7b233618384984b980ae7
ff577b7ec2e43c8eaef430b3875dfd59cf82693c
abe394ea4aaeb29c4a08fbd0c0cd3aea525542d7933325db42d7b85bc9598c44
GET /pagead/js/r20220928/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9561
x-xss-protection: 0
date: Tue, 04 Oct 2022 11:09:01 GMT
expires: Tue, 18 Oct 2022 11:09:01 GMT
cache-control: public, max-age=1209600
etag: 483224313611802536
content-type: text/javascript; charset=UTF-8
age: 1325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash 126f036451fe7f2fc91dd1114d8daef7
9510b9439d0169421dd29b6493bd15fd21816c5e
76548fed45d196bae3076488e40b3fa7347a25f7d076922ba4d53db5263ce9b2
GET /pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7559
x-xss-protection: 0
date: Tue, 04 Oct 2022 11:07:52 GMT
expires: Tue, 18 Oct 2022 11:07:52 GMT
cache-control: public, max-age=1209600
etag: 15289875785628835784
content-type: text/javascript; charset=UTF-8
age: 1394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
142.250.74.33200 OK 8.2 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1831)
Hash 74b8f2ac76ee6aae516e5353ae9855c1
b6ae86c39deea3a34540b6f74cdcef7e0f3d0feb
3ff1db35135818a016c3f5fec0df10a7032b6795013b14cebab7123d34881962
GET /pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 8224
x-xss-protection: 0
date: Tue, 04 Oct 2022 11:24:30 GMT
expires: Tue, 18 Oct 2022 11:24:30 GMT
cache-control: public, max-age=1209600
etag: 17584738254627026664
content-type: text/javascript; charset=UTF-8
age: 396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 45 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3498)
Hash 7b354b2d53537a9c3a776265a3a784c1
2a2ce345d4fd809c2cd6cfe314d72b44636a6ed8
e2eed64cf33932336db582539484770cc046173b9929c39c41d20de474b3452b
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44883
date: Tue, 04 Oct 2022 11:31:06 GMT
expires: Tue, 04 Oct 2022 11:31:06 GMT
cache-control: private, max-age=3000
etag: "1664796838458510"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
142.250.74.70200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:22:42 GMT
expires: Tue, 04 Oct 2022 20:22:42 GMT
cache-control: public, max-age=86400
age: 54504
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8851
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:31:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8851
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:31:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8851
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:31:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8851
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:31:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8851
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 11:31:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 49594
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 49592
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 49607
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czAJIO54qhc57-FC2v3o_6iUysen6MFHxo4KWJL7Uhs3ZBmRalqgMw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 09:44:26 GMT
age: 6401
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 49607
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 49607
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=186&cisv=r20220928.46116&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=186&cisv=r20220928.46116&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=186&cisv=r20220928.46116&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 11:31:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 11:46:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 11:31:07 GMT
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaQnAcPPuqspfX3RCC7mYmcG_lSfPTD9vr2vOidR8zIZsZeh6zz4-42gIj64_t7lOTbEHxZel70NSm4DiFXJTfX80BwMQQ
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaQnAcPPuqspfX3RCC7mYmcG_lSfPTD9vr2vOidR8zIZsZeh6zz4-42gIj64_t7lOTbEHxZel70NSm4DiFXJTfX80BwMQQ
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaQnAcPPuqspfX3RCC7mYmcG_lSfPTD9vr2vOidR8zIZsZeh6zz4-42gIj64_t7lOTbEHxZel70NSm4DiFXJTfX80BwMQQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 11:31:07 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaS9ORYDuL4yCh20NmIkJXncho1hTTvz7MTn876gImPpigY9N1lrRjCzS_iRCYphCd5C6Q-2esfke72UsqBLU9aZB2m-SQ
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaS9ORYDuL4yCh20NmIkJXncho1hTTvz7MTn876gImPpigY9N1lrRjCzS_iRCYphCd5C6Q-2esfke72UsqBLU9aZB2m-SQ
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaS9ORYDuL4yCh20NmIkJXncho1hTTvz7MTn876gImPpigY9N1lrRjCzS_iRCYphCd5C6Q-2esfke72UsqBLU9aZB2m-SQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 11:31:07 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaTyyTbTqAlfiwvoJQVCB3KEnCi77w9_yC7o2FvKLU7fqh3HCWUuZhP2tbSWRlNjzGuhVBoc0ujIJj3KcWwzZUvbBoSsPQ
142.250.74.164204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaTyyTbTqAlfiwvoJQVCB3KEnCi77w9_yC7o2FvKLU7fqh3HCWUuZhP2tbSWRlNjzGuhVBoc0ujIJj3KcWwzZUvbBoSsPQ
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaTyyTbTqAlfiwvoJQVCB3KEnCi77w9_yC7o2FvKLU7fqh3HCWUuZhP2tbSWRlNjzGuhVBoc0ujIJj3KcWwzZUvbBoSsPQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 11:31:07 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.163200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.163:0
File type C++ source, ASCII text, with very long lines (1792)
Hash 10e6f3bdb6fae70ad38bdf5dbf63ec92
9bc2aed43500f7a96923397c67624983f7593c77
07cfe15791ca91426412f72bbd4300bb7b19b5fd976285a9071861dc3c90e779
GET /mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 13677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 09:05:39 GMT
expires: Fri, 30 Dec 2022 09:05:39 GMT
cache-control: public, max-age=7776000
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
content-type: text/javascript
age: 267928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:37:25 GMT
expires: Sun, 01 Oct 2023 07:37:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
age: 273222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=538&vt=11&dtpt=348&dett=3&cstd=186&cisv=r20220928.46116&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=538&vt=11&dtpt=348&dett=3&cstd=186&cisv=r20220928.46116&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss-RXnui-6VzkbLH2eYs2P0eytot83wN9ans0AHqLHNLheS8q3Le2DmZ2tFM4fuZLRuQPCdAnf5VMleWO37QcDLPZkJH0UjqF8L1upIVKbem2AgP4Af4ntpnwuCSVh8KiORG3cmrBNGXwOD8WBwSysk5xN8O-9ZZrux_ZGgp2dwhDomR8EPZVKTUVP9mc5QXPeCo446saCskShdnr7BEfibeFMDaJbB268fr8kcR3R4Kfbo9wM8BOV79JiBfT3dQ_q8dv16gg0PMkx2etvB1U4b58-7dnLfZ9Qdm5LHDpqUFDNhGzFee4c5GtHe90LplEJZ7QNCU8srL1FKl1mSP9QUAJCekLNX-8krkCi5ScrlT0jw27gIuYaI1rHxIxKLBxpEOhngLMMxzV0oKsMTBuWJDgpE9JJ5NFOB_EXH-mZQO635LqIDBy1XxgoDaVZeXKU_IS-taYXNJzzvxTacNpnvDi9GRffbzeEKImwb4-Hx5FzE1LDAEyXAfQfIQXEoKJ7fwbXV0-bh2RgZaSXfm5ER7N6lqJMfdE3m6ugWhrIZTyDWbZ-aoFmoGmv1XYFd8wVVdwCFzJMuhDqhVUgReJRKWV7_nrYGxFUA6obgRTS4zaiYx0biBGoHk4oEBssKpkUw_TOqv6czn1GeQsbSU2ChvQUQRkPof_WqTybSbI24Mv5Tk5lWv6tSLoxd8cG39BhpO6zMaahpQ8M14ucU5wENopgXT8nZapAXOuhMHwffY6lCZznl-9bqHvXzAYLw6Yhcblp7Y8ZgT2DU5WJp_Idf6OGTswxTR7xpCN5lMOcIy2eLyhmyKJwOi6VeqbbpWDx6tLr-1uGA2kTvc_zWFmLq0JiodYJLJRHVXuk4bXURCON9riiqVhxZcQeA1Nbnd23f85IawsGSH-_uhtmbPhrJmQuYD1ttRJNFacN5FiA4Htb8wxEHUBXRsQJ_TKgchFyuO69RvoftsD1PYRJfk4IG8T2-6nO9HyaQ8u0kjpLux52gtU80IPsOh1yGY5xqK5MsBu4z6KZ8mrDYy3ZsfITalYqspTBlPbYB8HXk9Z7DaqErqBr0rznbMq8150EaHLpgT0TlAygr6CNniW6lDSbn6sDpqsg2KryAP_CtpaZq81ZniWrqaqR0RSAb_d86XammlHhmThdck3WkTbXvJOP8sW9RJno8h-WT2r0w4vSzZXeyVsglVngVr80-3eo7v85zfQ&sai=AMfl-YS9z5c-M_suHYAuEoTVUuEpkDKsIb0tEp54DzOkWDQsK3kjlq5p8SO4Yg4vYHB5ocK3uLlqr9INPRXFWtnNSqswfT7t5R0urA-krFqxGL942ccUid72IHnrJx2nMbF3bmnJhLg3zJLpzc9rP3kFOeM3O5dqvZVa84Z-ZwkyEwSfk-RdZ1JToksCd6v0m1wNvXrv_J29VSjlbbORAuwTH7Tp53EgYD9ayA&sig=Cg0ArKJSzIwGeN9ImBBlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=538&vt=11&dtpt=348&dett=3&cstd=186&cisv=r20220928.46116&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 11:31:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 11:46:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 11:31:07 GMT
X-Firefox-Spdy: h2
bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DpLww8Q7sUJG3ql7VL-b2L9TlbCqXHrYsspmLlYL9zoIuLO_Ec8F4dHXJfQG_1nCkgEmEnibHwc3PQbGFKFDzbpIX4YA&cry=1&dbm_d=AKAmf-DHuhqFtv-y0UKxh0RwuDRnRKQlofzTL1P6o13vhbNNCUk-mENlkzVR9QF6XKq_jUe0-5Wx1hYXi8YelVkv93S9iWnGyH8Laa1luvfadQTeQi3qx79xwTGYJqdUA5miTuFbH6nnQkAMBS1PID7cCDGOYm301j1ebP83WpguJtSaKVrRpBP8h4r2_2w9azlw2Nzv5wmwee06qAn7A6oInxF3vBwFedcUQAUg_aGF5ULtTZIm5lnh8fi7LlScATT-GtVOjtutPZSEmIWoMFb17Vo6CoyRRITho-AN10LiKzEUfuW6Cxd1WH_eXjXbowJ7MnEAoedIL8zt1qtO0CTY4LMJvAOG-Ok_O_5kTECcP4nWz_psYoDCP9HUw0ZQni-gAg-VCZjzuB1zi_weJ1K32jNJOIQ9YVUtdBPhSVFGSF7nry_bRTC0HdBBzuL5VKlL5Wb4qGjbrjdDNOWpWGV5eLkgLy4OfhoiFDqMaEPtXUoZGjNH6dOUt2zfOnP7qZ80pvf_USU5quYsAR7LJryDU3vzncle8K5_Nux6XUHJ08DkgGDCfzp0uNtRKovXOLwexfNP75j2t7ZINtBBtQYE1Le0SLvqrzFFvBGH50mJuCvnJwiv70XvI4FLiZf2WL3GJ9_nSBCuwbBy25eTVOifa1AONc5xpTFWAYGtsFl19e48tyQwepfDLFz4LeMjbhljBoEr59-4qSAt7njXgpTy1gTxLy4r6FES9MprnEYROHUM52X3HGQKYs-v9Y1a5m32nvf_GP8Gfs7rGvlkWLieTd5O5vUTg0YUUB8GZOjHcJ89zFgBTRiZ6MSVvemE1giH5phNDlPkXYxAYdxVSDfEtSmwToL0tiGEyNG4AO9PtwdYvSrv97W9BpMOoNGxLlVzpRkOsG8bK5lTpiUikfIzwHgGi9nl0hzsht5LoBr_JOv0hR05knS5MjJKPFuatmGNLUogp7zKgtYVa45WfeIOQsFywiXAdPLuBWdY2FfftGQ4PpIKqdQIPAYs4UUVqFb65QgTj0EBF1m4xyVKTc-qrxHOj-GdUaoEk0ksQoBKeYN4Wficd9CQ-R85wqMpnXDd-ENt6iNXT_40xHIv33WndnXbsKRD7kRHLBYb52FHXdZil8YvwKS_NEze1CPxjJ27XiesOOQrYj0IuHMN_dtkT5TympjcWIQdJtEjCj7t91v896XuvbKd7li44_qKI0HQ30h0G3VxvAdA4dZyiq8a8FRepsO-CjA39knGIRzGbrutS0bXZgun1P__Pa2u5cg2ezz0afyCnE7emvCSjpcSHreXuc3IB4DyOL-dxF-LjpCoosRPPzkACskR8BqqxQOSj8vr62CAEH9rrB74LJwDDYHtUG59MgdQf06_EE7dsbOOZNFUiOUAgcEzSNbIJNN0D8Be_-riXZhGXdpJtaRsZvKYzrwCxgiq5oEMfpO0XnsprEn4Za4CsWd81GIynfYy4tVrZVdbv-5KwsaHyQbdlANh6w8zevNz43HxUGpE5lKtGvQ69CbJCzXk76OJGEOTFQVe63Zitk4UhaKHU8AAOB8xEDUvHX7aKwhjm8pT7op-HcEH-sqml20E3TsJScOp2ATJ6hbEKCahWwdKhV3SmQg5M51AAG3qOCRnQTR0SvHKK-f3KZuC1gh-uEKFVdbxJQVGLLRYoXHsFG7PtcjU0-eCBIITWdEUNq55OxL6A_1nX1eLzdyIOLqaCFIFHVjEkZQMlWi_zUuDBaloEMLlGaNtt96y2eQCV5FvamUKAqA7N4oyNtd7vLa4k79EMKoQ4Q4JJbEhsqyh19L-o2URWvvnLJ2SOy-OzFwLija9f174MrEeRTXRjrmuOs-UW-8OnPnuGoSG5vHxUMTuu26Ll_5F-TchTvB9yItYpChf13X2YJTxvg6VMIGsYSeYkmP7l8iSI9ryt6hCoyd3mUhaIZmCBQYrkNRe6SyeNC1Bt5y-rTmowMV5tkH9MOj_q2x4geRy0TeTYZC509kGVDmoK0w7yea8oiTL1APeRmF5WXqL-slayhjpu6B57n86GUmI6rS9rLsd1X9Y-r7J3dMhx21wmHY8kxRewR8ZGcHJEzxeojnrjRC-HlLENf0vv6zyXd8icRGHH0A1wDUUJ5P9zxhYs9CEDiOm4PPMkDuM5l-FC859NkBWUt9F8lixPe6CZRlG418P2k9JAqlxE7l339E9L3Gwlx60KqHphuiFV-I8vqgZxqH-JYcpJa9l9ZZKs4Lzzxqb9yYGGtdLdTlNY2AWRSsyFc9z_kHMMcrbRzA28zNXVLflBzGwArXW76V8H0VPlwC1e84Z2zsAYMQ9YdZ0SI1m9uYmpgkcA6_1IW49wkeLORJ80TCfcAUpDAhMKL5unApnz6A_wK1eZ0zmgtwfqCGCHB0EomtXfoMfOy6Pv4q0ai5rnF5Mv3IZfEYo50YOpaDPCZC3OvhdXajGr46SzccLmvRdRhudrRVhzqy-5A_a3fj43mHs2sFJpdBiDKvZHBER7dWYjBPtodKh3EoYWS7v9DSYDFKbrH1JBSlyw871B-69Jh-3a5QljaHPGBSd9UnsTQjurjU3-LnCp9fYzr71vKWV-t24ut91G2116OxWZyxJsvJywwZHE5dnQF7N5d0SDtttAgZq6j3TOjhVzokP0h6DQ7mKffvQ8l4nfvQoh_c_8QdRRMq-q8VZ-nch4kULS6bEDcBai__9T9qVlJDBVo1LVE8ClUfWiU53V6Kxc8pCk7CYKE0ysauq7KiVZSqz-lCbI5-HznA__9ZddYs-dXhGDhXSsgWJaFu9-tiiirT9uu974c0kbR3G6Qgc5vAV4dWnA21HflAEYbwTOkA_GiEFGapS3QBjM6LTComvVm_5Pasb3tXkb9XYtKSe1J9dWSO8wOmPABGgsi56IJKvYXFC6HxwAQrx8ApInxCurbUxeJ86RTKXFx1VHorB5p0UumWxOmD5i7OiEpxGQOeQu-NSk344dgV__JYxrVJwB209495ROfo6yrYiVjIuz7yBS9E5MG9kesCHaIUbMpDwyq7CAUDFYrkz-DUKPnGJPDarLuFKwBTZOVWBRuYuEn5BIzSclv6cIdv-yU1jcs_XbZn949qvEZ1HwHAqRAQjlt_Mtscn49MxDh55XvVZVgalaUM6BRc7DYBEth94c4VX_36JzyfuvgGgu-SDmQJ9YaWSmmpq-jVa8dIuTUCxLbQ1-UzgcLvMzIwvsxqnOjk7RrkmfMxETaocE_PvXJAmeXhAu6TZR69ZoWndf9BwWt6VuoZTbe5Q_bPVGbK1BR4ZEA&cid=CAASJ-RoLt3TZV__F_BwqtHrZu5-XfZzZo7QNux5ayyQ058y69ivEy4aPg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
64.233.162.157200 OK 16 kB URL HTTP/2 bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DpLww8Q7sUJG3ql7VL-b2L9TlbCqXHrYsspmLlYL9zoIuLO_Ec8F4dHXJfQG_1nCkgEmEnibHwc3PQbGFKFDzbpIX4YA&cry=1&dbm_d=AKAmf-DHuhqFtv-y0UKxh0RwuDRnRKQlofzTL1P6o13vhbNNCUk-mENlkzVR9QF6XKq_jUe0-5Wx1hYXi8YelVkv93S9iWnGyH8Laa1luvfadQTeQi3qx79xwTGYJqdUA5miTuFbH6nnQkAMBS1PID7cCDGOYm301j1ebP83WpguJtSaKVrRpBP8h4r2_2w9azlw2Nzv5wmwee06qAn7A6oInxF3vBwFedcUQAUg_aGF5ULtTZIm5lnh8fi7LlScATT-GtVOjtutPZSEmIWoMFb17Vo6CoyRRITho-AN10LiKzEUfuW6Cxd1WH_eXjXbowJ7MnEAoedIL8zt1qtO0CTY4LMJvAOG-Ok_O_5kTECcP4nWz_psYoDCP9HUw0ZQni-gAg-VCZjzuB1zi_weJ1K32jNJOIQ9YVUtdBPhSVFGSF7nry_bRTC0HdBBzuL5VKlL5Wb4qGjbrjdDNOWpWGV5eLkgLy4OfhoiFDqMaEPtXUoZGjNH6dOUt2zfOnP7qZ80pvf_USU5quYsAR7LJryDU3vzncle8K5_Nux6XUHJ08DkgGDCfzp0uNtRKovXOLwexfNP75j2t7ZINtBBtQYE1Le0SLvqrzFFvBGH50mJuCvnJwiv70XvI4FLiZf2WL3GJ9_nSBCuwbBy25eTVOifa1AONc5xpTFWAYGtsFl19e48tyQwepfDLFz4LeMjbhljBoEr59-4qSAt7njXgpTy1gTxLy4r6FES9MprnEYROHUM52X3HGQKYs-v9Y1a5m32nvf_GP8Gfs7rGvlkWLieTd5O5vUTg0YUUB8GZOjHcJ89zFgBTRiZ6MSVvemE1giH5phNDlPkXYxAYdxVSDfEtSmwToL0tiGEyNG4AO9PtwdYvSrv97W9BpMOoNGxLlVzpRkOsG8bK5lTpiUikfIzwHgGi9nl0hzsht5LoBr_JOv0hR05knS5MjJKPFuatmGNLUogp7zKgtYVa45WfeIOQsFywiXAdPLuBWdY2FfftGQ4PpIKqdQIPAYs4UUVqFb65QgTj0EBF1m4xyVKTc-qrxHOj-GdUaoEk0ksQoBKeYN4Wficd9CQ-R85wqMpnXDd-ENt6iNXT_40xHIv33WndnXbsKRD7kRHLBYb52FHXdZil8YvwKS_NEze1CPxjJ27XiesOOQrYj0IuHMN_dtkT5TympjcWIQdJtEjCj7t91v896XuvbKd7li44_qKI0HQ30h0G3VxvAdA4dZyiq8a8FRepsO-CjA39knGIRzGbrutS0bXZgun1P__Pa2u5cg2ezz0afyCnE7emvCSjpcSHreXuc3IB4DyOL-dxF-LjpCoosRPPzkACskR8BqqxQOSj8vr62CAEH9rrB74LJwDDYHtUG59MgdQf06_EE7dsbOOZNFUiOUAgcEzSNbIJNN0D8Be_-riXZhGXdpJtaRsZvKYzrwCxgiq5oEMfpO0XnsprEn4Za4CsWd81GIynfYy4tVrZVdbv-5KwsaHyQbdlANh6w8zevNz43HxUGpE5lKtGvQ69CbJCzXk76OJGEOTFQVe63Zitk4UhaKHU8AAOB8xEDUvHX7aKwhjm8pT7op-HcEH-sqml20E3TsJScOp2ATJ6hbEKCahWwdKhV3SmQg5M51AAG3qOCRnQTR0SvHKK-f3KZuC1gh-uEKFVdbxJQVGLLRYoXHsFG7PtcjU0-eCBIITWdEUNq55OxL6A_1nX1eLzdyIOLqaCFIFHVjEkZQMlWi_zUuDBaloEMLlGaNtt96y2eQCV5FvamUKAqA7N4oyNtd7vLa4k79EMKoQ4Q4JJbEhsqyh19L-o2URWvvnLJ2SOy-OzFwLija9f174MrEeRTXRjrmuOs-UW-8OnPnuGoSG5vHxUMTuu26Ll_5F-TchTvB9yItYpChf13X2YJTxvg6VMIGsYSeYkmP7l8iSI9ryt6hCoyd3mUhaIZmCBQYrkNRe6SyeNC1Bt5y-rTmowMV5tkH9MOj_q2x4geRy0TeTYZC509kGVDmoK0w7yea8oiTL1APeRmF5WXqL-slayhjpu6B57n86GUmI6rS9rLsd1X9Y-r7J3dMhx21wmHY8kxRewR8ZGcHJEzxeojnrjRC-HlLENf0vv6zyXd8icRGHH0A1wDUUJ5P9zxhYs9CEDiOm4PPMkDuM5l-FC859NkBWUt9F8lixPe6CZRlG418P2k9JAqlxE7l339E9L3Gwlx60KqHphuiFV-I8vqgZxqH-JYcpJa9l9ZZKs4Lzzxqb9yYGGtdLdTlNY2AWRSsyFc9z_kHMMcrbRzA28zNXVLflBzGwArXW76V8H0VPlwC1e84Z2zsAYMQ9YdZ0SI1m9uYmpgkcA6_1IW49wkeLORJ80TCfcAUpDAhMKL5unApnz6A_wK1eZ0zmgtwfqCGCHB0EomtXfoMfOy6Pv4q0ai5rnF5Mv3IZfEYo50YOpaDPCZC3OvhdXajGr46SzccLmvRdRhudrRVhzqy-5A_a3fj43mHs2sFJpdBiDKvZHBER7dWYjBPtodKh3EoYWS7v9DSYDFKbrH1JBSlyw871B-69Jh-3a5QljaHPGBSd9UnsTQjurjU3-LnCp9fYzr71vKWV-t24ut91G2116OxWZyxJsvJywwZHE5dnQF7N5d0SDtttAgZq6j3TOjhVzokP0h6DQ7mKffvQ8l4nfvQoh_c_8QdRRMq-q8VZ-nch4kULS6bEDcBai__9T9qVlJDBVo1LVE8ClUfWiU53V6Kxc8pCk7CYKE0ysauq7KiVZSqz-lCbI5-HznA__9ZddYs-dXhGDhXSsgWJaFu9-tiiirT9uu974c0kbR3G6Qgc5vAV4dWnA21HflAEYbwTOkA_GiEFGapS3QBjM6LTComvVm_5Pasb3tXkb9XYtKSe1J9dWSO8wOmPABGgsi56IJKvYXFC6HxwAQrx8ApInxCurbUxeJ86RTKXFx1VHorB5p0UumWxOmD5i7OiEpxGQOeQu-NSk344dgV__JYxrVJwB209495ROfo6yrYiVjIuz7yBS9E5MG9kesCHaIUbMpDwyq7CAUDFYrkz-DUKPnGJPDarLuFKwBTZOVWBRuYuEn5BIzSclv6cIdv-yU1jcs_XbZn949qvEZ1HwHAqRAQjlt_Mtscn49MxDh55XvVZVgalaUM6BRc7DYBEth94c4VX_36JzyfuvgGgu-SDmQJ9YaWSmmpq-jVa8dIuTUCxLbQ1-UzgcLvMzIwvsxqnOjk7RrkmfMxETaocE_PvXJAmeXhAu6TZR69ZoWndf9BwWt6VuoZTbe5Q_bPVGbK1BR4ZEA&cid=CAASJ-RoLt3TZV__F_BwqtHrZu5-XfZzZo7QNux5ayyQ058y69ivEy4aPg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
IP 64.233.162.157:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (16337)
Hash 64c3143895f4add183e9126a3a5ebe85
0032f5ad111416b92adb061c42294b50627ee30e
abc55d4e347eca1a428cc74c612120f856971fe4d988b7e910dd9e85faa8516c
GET /dbm/vast?dbm_c=AKAmf-DpLww8Q7sUJG3ql7VL-b2L9TlbCqXHrYsspmLlYL9zoIuLO_Ec8F4dHXJfQG_1nCkgEmEnibHwc3PQbGFKFDzbpIX4YA&cry=1&dbm_d=AKAmf-DHuhqFtv-y0UKxh0RwuDRnRKQlofzTL1P6o13vhbNNCUk-mENlkzVR9QF6XKq_jUe0-5Wx1hYXi8YelVkv93S9iWnGyH8Laa1luvfadQTeQi3qx79xwTGYJqdUA5miTuFbH6nnQkAMBS1PID7cCDGOYm301j1ebP83WpguJtSaKVrRpBP8h4r2_2w9azlw2Nzv5wmwee06qAn7A6oInxF3vBwFedcUQAUg_aGF5ULtTZIm5lnh8fi7LlScATT-GtVOjtutPZSEmIWoMFb17Vo6CoyRRITho-AN10LiKzEUfuW6Cxd1WH_eXjXbowJ7MnEAoedIL8zt1qtO0CTY4LMJvAOG-Ok_O_5kTECcP4nWz_psYoDCP9HUw0ZQni-gAg-VCZjzuB1zi_weJ1K32jNJOIQ9YVUtdBPhSVFGSF7nry_bRTC0HdBBzuL5VKlL5Wb4qGjbrjdDNOWpWGV5eLkgLy4OfhoiFDqMaEPtXUoZGjNH6dOUt2zfOnP7qZ80pvf_USU5quYsAR7LJryDU3vzncle8K5_Nux6XUHJ08DkgGDCfzp0uNtRKovXOLwexfNP75j2t7ZINtBBtQYE1Le0SLvqrzFFvBGH50mJuCvnJwiv70XvI4FLiZf2WL3GJ9_nSBCuwbBy25eTVOifa1AONc5xpTFWAYGtsFl19e48tyQwepfDLFz4LeMjbhljBoEr59-4qSAt7njXgpTy1gTxLy4r6FES9MprnEYROHUM52X3HGQKYs-v9Y1a5m32nvf_GP8Gfs7rGvlkWLieTd5O5vUTg0YUUB8GZOjHcJ89zFgBTRiZ6MSVvemE1giH5phNDlPkXYxAYdxVSDfEtSmwToL0tiGEyNG4AO9PtwdYvSrv97W9BpMOoNGxLlVzpRkOsG8bK5lTpiUikfIzwHgGi9nl0hzsht5LoBr_JOv0hR05knS5MjJKPFuatmGNLUogp7zKgtYVa45WfeIOQsFywiXAdPLuBWdY2FfftGQ4PpIKqdQIPAYs4UUVqFb65QgTj0EBF1m4xyVKTc-qrxHOj-GdUaoEk0ksQoBKeYN4Wficd9CQ-R85wqMpnXDd-ENt6iNXT_40xHIv33WndnXbsKRD7kRHLBYb52FHXdZil8YvwKS_NEze1CPxjJ27XiesOOQrYj0IuHMN_dtkT5TympjcWIQdJtEjCj7t91v896XuvbKd7li44_qKI0HQ30h0G3VxvAdA4dZyiq8a8FRepsO-CjA39knGIRzGbrutS0bXZgun1P__Pa2u5cg2ezz0afyCnE7emvCSjpcSHreXuc3IB4DyOL-dxF-LjpCoosRPPzkACskR8BqqxQOSj8vr62CAEH9rrB74LJwDDYHtUG59MgdQf06_EE7dsbOOZNFUiOUAgcEzSNbIJNN0D8Be_-riXZhGXdpJtaRsZvKYzrwCxgiq5oEMfpO0XnsprEn4Za4CsWd81GIynfYy4tVrZVdbv-5KwsaHyQbdlANh6w8zevNz43HxUGpE5lKtGvQ69CbJCzXk76OJGEOTFQVe63Zitk4UhaKHU8AAOB8xEDUvHX7aKwhjm8pT7op-HcEH-sqml20E3TsJScOp2ATJ6hbEKCahWwdKhV3SmQg5M51AAG3qOCRnQTR0SvHKK-f3KZuC1gh-uEKFVdbxJQVGLLRYoXHsFG7PtcjU0-eCBIITWdEUNq55OxL6A_1nX1eLzdyIOLqaCFIFHVjEkZQMlWi_zUuDBaloEMLlGaNtt96y2eQCV5FvamUKAqA7N4oyNtd7vLa4k79EMKoQ4Q4JJbEhsqyh19L-o2URWvvnLJ2SOy-OzFwLija9f174MrEeRTXRjrmuOs-UW-8OnPnuGoSG5vHxUMTuu26Ll_5F-TchTvB9yItYpChf13X2YJTxvg6VMIGsYSeYkmP7l8iSI9ryt6hCoyd3mUhaIZmCBQYrkNRe6SyeNC1Bt5y-rTmowMV5tkH9MOj_q2x4geRy0TeTYZC509kGVDmoK0w7yea8oiTL1APeRmF5WXqL-slayhjpu6B57n86GUmI6rS9rLsd1X9Y-r7J3dMhx21wmHY8kxRewR8ZGcHJEzxeojnrjRC-HlLENf0vv6zyXd8icRGHH0A1wDUUJ5P9zxhYs9CEDiOm4PPMkDuM5l-FC859NkBWUt9F8lixPe6CZRlG418P2k9JAqlxE7l339E9L3Gwlx60KqHphuiFV-I8vqgZxqH-JYcpJa9l9ZZKs4Lzzxqb9yYGGtdLdTlNY2AWRSsyFc9z_kHMMcrbRzA28zNXVLflBzGwArXW76V8H0VPlwC1e84Z2zsAYMQ9YdZ0SI1m9uYmpgkcA6_1IW49wkeLORJ80TCfcAUpDAhMKL5unApnz6A_wK1eZ0zmgtwfqCGCHB0EomtXfoMfOy6Pv4q0ai5rnF5Mv3IZfEYo50YOpaDPCZC3OvhdXajGr46SzccLmvRdRhudrRVhzqy-5A_a3fj43mHs2sFJpdBiDKvZHBER7dWYjBPtodKh3EoYWS7v9DSYDFKbrH1JBSlyw871B-69Jh-3a5QljaHPGBSd9UnsTQjurjU3-LnCp9fYzr71vKWV-t24ut91G2116OxWZyxJsvJywwZHE5dnQF7N5d0SDtttAgZq6j3TOjhVzokP0h6DQ7mKffvQ8l4nfvQoh_c_8QdRRMq-q8VZ-nch4kULS6bEDcBai__9T9qVlJDBVo1LVE8ClUfWiU53V6Kxc8pCk7CYKE0ysauq7KiVZSqz-lCbI5-HznA__9ZddYs-dXhGDhXSsgWJaFu9-tiiirT9uu974c0kbR3G6Qgc5vAV4dWnA21HflAEYbwTOkA_GiEFGapS3QBjM6LTComvVm_5Pasb3tXkb9XYtKSe1J9dWSO8wOmPABGgsi56IJKvYXFC6HxwAQrx8ApInxCurbUxeJ86RTKXFx1VHorB5p0UumWxOmD5i7OiEpxGQOeQu-NSk344dgV__JYxrVJwB209495ROfo6yrYiVjIuz7yBS9E5MG9kesCHaIUbMpDwyq7CAUDFYrkz-DUKPnGJPDarLuFKwBTZOVWBRuYuEn5BIzSclv6cIdv-yU1jcs_XbZn949qvEZ1HwHAqRAQjlt_Mtscn49MxDh55XvVZVgalaUM6BRc7DYBEth94c4VX_36JzyfuvgGgu-SDmQJ9YaWSmmpq-jVa8dIuTUCxLbQ1-UzgcLvMzIwvsxqnOjk7RrkmfMxETaocE_PvXJAmeXhAu6TZR69ZoWndf9BwWt6VuoZTbe5Q_bPVGbK1BR4ZEA&cid=CAASJ-RoLt3TZV__F_BwqtHrZu5-XfZzZo7QNux5ayyQ058y69ivEy4aPg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 11:31:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://googleads.g.doubleclick.net
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15998
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-Oct-2022 11:46:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gcdn.2mdn.net/videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9419861EB1F97E1B63364EA2347A33372F44470D.86ED4993C98913AEDA202244774C9E4F6816AC01/key/ck2/file/file.mp4
142.250.74.14302 Found 0 B URL HTTP/2 gcdn.2mdn.net/videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9419861EB1F97E1B63364EA2347A33372F44470D.86ED4993C98913AEDA202244774C9E4F6816AC01/key/ck2/file/file.mp4
IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9419861EB1F97E1B63364EA2347A33372F44470D.86ED4993C98913AEDA202244774C9E4F6816AC01/key/ck2/file/file.mp4 HTTP/1.1
Host: gcdn.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 11:31:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
location: https://r2---sn-5goeenez.c.2mdn.net/videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2C25E50610C366C2CC2668C957CA4ABB127B12B4.074D7EB525229132AFFD89E928C685FB45D29030/key/cms1/cms_redirect/yes/mh/n6/mip/91.90.42.154/mm/42/mn/sn-5goeenez/ms/onc/mt/1664882708/mv/m/mvi/2/pl/21/file/file.mp4
content-type: text/html; charset=UTF-8
server: ClientMapServer
content-length: 642
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3618ad12f7ef72cb1d6ec04964b612e8
f2e9fe487b891c9478a743f8fe9bc3f49d12f44b
4b815ad18683ed898b885912726aa347645bb6073b72927ba014bf796c985942
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r2---sn-5goeenez.c.2mdn.net/videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2C25E50610C366C2CC2668C957CA4ABB127B12B4.074D7EB525229132AFFD89E928C685FB45D29030/key/cms1/cms_redirect/yes/mh/n6/mip/91.90.42.154/mm/42/mn/sn-5goeenez/ms/onc/mt/1664882708/mv/m/mvi/2/pl/21/file/file.mp4
74.125.111.7200 OK 0 B URL HTTP/1.1 r2---sn-5goeenez.c.2mdn.net/videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2C25E50610C366C2CC2668C957CA4ABB127B12B4.074D7EB525229132AFFD89E928C685FB45D29030/key/cms1/cms_redirect/yes/mh/n6/mip/91.90.42.154/mm/42/mn/sn-5goeenez/ms/onc/mt/1664882708/mv/m/mvi/2/pl/21/file/file.mp4
IP 74.125.111.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/8231d9b1e0ecbe90/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3796204489/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2C25E50610C366C2CC2668C957CA4ABB127B12B4.074D7EB525229132AFFD89E928C685FB45D29030/key/cms1/cms_redirect/yes/mh/n6/mip/91.90.42.154/mm/42/mn/sn-5goeenez/ms/onc/mt/1664882708/mv/m/mvi/2/pl/21/file/file.mp4 HTTP/1.1
Host: r2---sn-5goeenez.c.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 05 May 2022 13:11:54 GMT
Content-Type: video/mp4
Date: Tue, 04 Oct 2022 11:31:07 GMT
Expires: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Content-Length: 2227581
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3618ad12f7ef72cb1d6ec04964b612e8
f2e9fe487b891c9478a743f8fe9bc3f49d12f44b
4b815ad18683ed898b885912726aa347645bb6073b72927ba014bf796c985942
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:31:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csi.gstatic.com/csi?v=2&s=osv&puid=1~l8u4e3o3&c=92977458763&slotId=46488729381.5&qqid=CImH9d28xvoCFYaRGAodYZID1Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
142.251.2.120204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=1~l8u4e3o3&c=92977458763&slotId=46488729381.5&qqid=CImH9d28xvoCFYaRGAodYZID1Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
IP 142.251.2.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=1~l8u4e3o3&c=92977458763&slotId=46488729381.5&qqid=CImH9d28xvoCFYaRGAodYZID1Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 04 Oct 2022 11:31:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.10200 OK 608 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.10:0
Hash 06ed440733fa283f297a0d0468adb01d
61a5f194b5a7734b5528e948558903739808e7bd
9a40b2f4f97baba68c60143c005b0ff19cbcf7488550e17f584a8b39868e833e
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:31:06 GMT
date: Tue, 04 Oct 2022 11:31:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/js/the220px.js?rev=47
IP 104.21.5.137:0
GET /styles/default-new-reg/js/the220px.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=562
etag: W/"57e8eb5d-232"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 494944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDflwSa%2FwQwHL5CpTg%2FzPR%2FOwN2saXKfGa%2FvmObpDtom32kl2DDIDQmk%2F5SjqCp6b8qUVP%2BhiH34NPHmEEj2r59ioBdqmjIVVzPTZsOiZ4PyL5M1PcWHb4Urr3Bvvpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d368d81bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/font-awesome.min.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/font-awesome.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
etag: W/"5e0bab24-578f"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 64121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTrEIQ%2Frss%2F1O9NEi0gnjVBts0y140TFJm%2FZ%2FDxUdEPH9kG4KBFlb8P%2BoueDQL6BjMgUU1Hw79i7sNZi1Ne47VYWs037JBwfp601xKi5F4Fo9tHgCkcdskN3zV2sPZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d388f71bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/fonts.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/fonts.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=487
etag: W/"5e0bab24-1e7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 574783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqWCrY4NIfwkSKJMyhWYPoZYcseNJsSuOtx5gWmZ3F%2F9fBc6ZN1p6ur3YLxcVZI4yljpIChaGgGKdcf1kHJH8hqd1%2FGoh5NHNlvNWBK52cP6DcC2riHzpVHT8KalZzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d399001bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/animate.min.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/animate.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-d0b7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 64120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcNf1TO80yuomGbW67BCt4C33QyXbnpS6QbPIoAScdzKn9q7N19rxRGpz7tTy6btNxBd8H8c9sL%2BiCyRji6b4kuXR0hS7vTWiNRXNd8pqoOBpxmM%2BaWhd%2F0msZAdbtw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d388fe1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:700,500,400,300
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:700,500,400,300
IP 142.250.74.10:0
GET /css?family=Roboto:700,500,400,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:31:06 GMT
date: Tue, 04 Oct 2022 11:31:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/reset.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/reset.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=1013
etag: W/"57e8eb5d-3f5"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 574783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INQ3JS0bpnbwVHy63sVB6EjGIJjXW1B7N%2FlXEsKBWCQ8qHI9TamgeNDMOyDyCheFV0Kuob3BRktKeyBAao%2F4mjF80ArxOqgabVn5U0JlhQLHjn21uRw5bBIo47SMg6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d368d21bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/javascript.js?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/javascript.js?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/javascript.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=16039
etag: W/"57e8eb5d-3ea7"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 494944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsfuzuoLVdsO2oXhY%2BFmqMx0Ca8dSL9ckDwpu0FVEaKIcuAedZ2rs7DZ47Q5hY7tHFx%2Bfrlw1I78ztmJAZ1aXfMmZwdOXmN6f%2FfBSY1NpWv82VA5bBWSbEGlnEhBhNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d368d91bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/js/bootstrap.min.js?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/js/bootstrap.min.js?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-875d"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 64121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB6%2B4kuf8gMkiW9rmykzRkgyJ87OLWeCbQQn6uIvEXKDKmGFOxw26Q7DwxQSF4FYEq4VL4d%2BkDSsQPYD4FMK1K%2FwEokrsc5ZUd%2FEQwxohMULvqPMO4%2B%2FhzvyOT33hLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d368d61bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/the220px.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/the220px.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=11662
etag: W/"58cb25b5-2d8e"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Thu, 16 Mar 2017 23:54:29 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 305710
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKFzp105etIH9MqAjwgQYPXDoFvCsFDlwPf8SrV7qQh1mU4R6QhIEVyMl0hrTc1gE749hkcPV4MczFyfTNI596vSs2uFOUiHaPU982poXiJ4G9u%2F7j5SAYqeQOCDrDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d368d51bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/bootstrap.rtl.min.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2016 09:33:17 GMT
etag: W/"57e8eb5d-1bae7"
expires: Mon, 23 May 2022 14:38:08 GMT
cache-control: max-age=5356800
x-cache-status-a: HIT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 494944
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prUcTEtcfMP815ZlJIUA4mnrOkPn56iN74eiQdnYSs%2Fnr8E%2BtAonvJ9eHYIqe33HenAZigoqwQFx2IuPlpcDFFz1ArJriDrq%2B0tmeQCZUSVDrFbMpUb%2BLD6gxTBCBi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d378e81bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
104.21.5.137200 OK 0 B URL HTTP/2 s.top4top.io/styles/default-new-reg/css/stylesheet-3.3.css?rev=47
IP 104.21.5.137:0
Analyzer Verdict Alert fortinet Malware
GET /styles/default-new-reg/css/stylesheet-3.3.css?rev=47 HTTP/1.1
Host: s.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://top4top.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:31:04 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5356800
cf-bgj: minify
cf-polished: origSize=23881
etag: W/"5e0bab24-5d49"
expires: Mon, 23 May 2022 14:38:08 GMT
last-modified: Tue, 31 Dec 2019 20:10:12 GMT
vary: Accept-Encoding
x-cache-status-a: HIT
cf-cache-status: HIT
age: 64121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fECz%2FGxwPqyBqYINDDz1C3B6ZRnSmQtn4tlQ6txkhAdjg617IJURXGDlyiWzR2pRaXbSRQ9E4KD9lt2cy2wgCr9S7E1ExuN%2Bffubtxgc6CzeAnWso1rmax3TNJ5yaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d96d388f61bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.10:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:31:06 GMT
date: Tue, 04 Oct 2022 11:31:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2